﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;

namespace _2015.Login
{
    
    public partial class Login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void ButtonReset_Click(object sender, EventArgs e)
        {
            TextBoxUserName.Text = "";
            TextBoxPassword.Text = "";
        }

        protected void ButtonSignIn_Click(object sender, EventArgs e)
        {
            string PageName="";
            string Name = "";
            string Depart = "";
            string CS = ConfigurationManager.ConnectionStrings["DBCS"].ConnectionString;
            using (SqlConnection con = new SqlConnection(CS))
            {
                con.Open();
                string checkuser = "SELECT COUNT(*) FROM SUBADMINS WHERE USERNAME='" + TextBoxUserName.Text + "'";
                SqlCommand com = new SqlCommand(checkuser, con);
                int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
                con.Close();
                if (temp == 1)
                {
                    con.Open();
                    string checkPasswordQuery = "SELECT LOGPASS FROM SUBADMINS WHERE USERNAME='" + TextBoxUserName.Text + "'";
                    SqlCommand passComm = new SqlCommand(checkPasswordQuery, con);
                    string password = passComm.ExecuteScalar().ToString().Replace(" ", "");
                    if (password == TextBoxPassword.Text)
                    {
                        
                        string getPosition = "SELECT POSITION FROM SUBADMINS WHERE USERNAME='" + TextBoxUserName.Text + "'";
                        SqlCommand PositionCom = new SqlCommand(getPosition, con);
                        SqlDataReader Pos;
                        Pos = PositionCom.ExecuteReader();

                        if (Pos.Read())
                        {
                            PageName = Pos["POSITION"].ToString();
                        }
                        con.Close();
                        con.Open();
                        string getName = "SELECT NAME FROM SUBADMINS WHERE USERNAME='" + TextBoxUserName.Text + "'";
                        SqlCommand NameCom = new SqlCommand(getName, con);
                        SqlDataReader Nam;
                        Nam = NameCom.ExecuteReader();
                        if (Nam.Read())
                        {
                            Name = Nam["NAME"].ToString();
                        }
                        con.Close();
                        con.Open();
                        string getDept = "SELECT DIVISION FROM SUBADMINS WHERE USERNAME='" + TextBoxUserName.Text + "'";
                        SqlCommand DeptCom = new SqlCommand(getDept, con);
                        SqlDataReader Dep;
                        Dep = DeptCom.ExecuteReader();
                        if (Dep.Read())
                        {
                            Depart = Dep["DIVISION"].ToString();
                        }
                        if (PageName == "Division Head")
                        {
                            Session["LoggingInfo"] = Name;
                            Session["LoggingPosition"] = PageName;
                            Session["LoggingDivision"] = Depart;
                            Session["LoggingInfoUsername"] = TextBoxUserName.Text;
                            Response.Redirect("../DivHead/DivHeadHome.aspx");
                            
                        }

                        else if (PageName == "CEO")
                        {
                            Session["LoggingInfo"] = Name;
                            Session["LoggingPosition"] = PageName;
                            Session["LoggingDivision"] = Depart;
                            Session["LoggingInfoUsername"] = TextBoxUserName.Text;
                            Response.Redirect("../CEO/CEOHome.aspx");
                            
                        }

                        else if (PageName == "Division Administrator")
                        {
                            Session["LoggingInfo"] = Name;
                            Session["LoggingPosition"] = PageName;
                            Session["LoggingDivision"] = Depart;
                            Session["LoggingInfoUsername"] = TextBoxUserName.Text;
                            Response.Redirect("../DivAdmin/DivAdminHome.aspx");
                        }

                        else if (PageName == "Division Data Correspondent")
                        {
                            Session["LoggingInfo"] = Name;
                            Session["LoggingPosition"] = PageName;
                            Session["LoggingDivision"] = Depart;
                            Session["LoggingInfoUsername"] = TextBoxUserName.Text;
                            Response.Redirect("../DataCoresp/DataCorespHome.aspx");
                        }

                        else if (PageName == "System Administrator")
                        {
                            Session["LoggingInfo"] = Name;
                            Session["LoggingPosition"] = PageName;
                            Session["LoggingDivision"] = Depart;
                            Session["LoggingInfoUsername"] = TextBoxUserName.Text;
                            Response.Redirect("../SysAdmin/SysAdminHome.aspx");
                        }

                        
                    }
                    else
                    {
                        LabelSignInError.Text = "Password is incorrect";
                    }
                }
                else
                {
                    LabelSignInError.Text = "Username is incorrect";
                }
                
                
            }
        }
    }
}